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REMARKS 

Claims 1-18 are all the claims pending in the application. Claims 1,9, 15, 17 and 18 are 
being amended. 

Claim Rejections- 35 U.S.C. § 102 

Claims 1-18 are rejected under 35 U.S.C. § 102 as being anticipated by Coss et al. (Coss 
hereinafter) US Patent No. 6,170,012 Bl 

Claims 1-15 

The Applicant herein amends claims 1 and 9 to describe how the auxiliary data 
"represents operating parameters that requests reconfiguration of the control means ." Support 
for the amendment is found on page 10, lines 25-28 of the Specification. Claims 1 and 9 are 
further being amended to describe that the secondary data "requires reconfiguration of the 
control means ." Support for the amendment is found on page 2, lines 32-36 of the Specification. 

The Applicant submits that Coss fails to teach each and every element of claims 1 and 9. 
Coss is directed to a firewall which attempts to more efficiently implement rules for filtering its 
incoming packets. Coss specifically states that the "firewall in accordance with the invention 
can support multiple security policies, multiple users or both, by applying any one of several 
distinct sets of access rules." Coss, Abstract (emphasis added). Coss is limited in that it only 
contemplates ways to implement existing rules, or, in the "statefiil packet filtering," bypassing 
the existing rules. Coss, col. 5, lines 35-43. 
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In contrast, the inventive embodiments described in claims 1 and 9 are not simply 
firewalls with varying sets of rules, but firewall management devices that reconfigure the 
firewall, or control means, to implement new rules as a network evolves. Specification, p. 1, 
line 35- p. 2, line 12. In the non-limiting embodiment described in claims 1 and 9, the data 
processing server receives secondary data that requires reconfiguration of the control means, 
thus generating auxiliary data that requests the management module reconfigure the firewall, 
or control means, to implement new rules that apply to new data or situations that arise in the 
network. Specification, p. 10, lines 22-30. 

In the Final Office Action, the Examiner likens the "management means" to the DSE 
within the firewall of Coss, but these are not the same. Coss says that the "Domain Support 
Engine" (DSE) is a "decision module or engine that determines which security policy to use for a 
new network session." Col. 6, lines 1 -3. Coss only contemplates deciding which of the existing 
security policies, or rules, to implement for a new network session. In contrast, the management 
means described in claims 1 and 9 is able to define new rules if, for example, a new connection 
type is requested. As stated in the Specification, 

"...on receiving auxiliary data (for example indicating that a new ISDN type IP 

connection has been requested by a terminal of the internal network 4), the first 
configuration module 9 may deduce therefrom, firstly, the data type(s), and 
consequently the metarule(s) that it must associate with the auxiliary data for the 
firewall module 5 to be (re)configured." 

Specification, p. 1 1, lines 25-32. The secondary data and resulting auxiliary data represents a 
request for reconfiguration of the firewall. "In this way it generates one or more new primary 
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metarules that it transmits to the firewall module 5, in order for these metarule(s) to be 
substituted for or added to the rule(s) that have become inappropriate." Specification, p. 12, lines 
4-8. 

Coss fails to disclose, teach or suggest the ability to reconfigure the firewall upon receipt 
of secondary data, as Coss only describes a firewall that improves efficiency "by applying any 
one of several distinct sets of access rules." Coss, Abstract. While Coss does discuss the use of 
"dynamic rules," Coss provides no explanation of how the rules are created or implemented, and 
therefore lacks a management means to reconfigure the firewall, unlike the Applicant's claimed 
embodiments. Coss, col. 8, lines 24-36. Coss indicates that the dynamic rules are "included 
with the access rules as a need arises," indicating that they already exist in the rule set and are 
simply activated when needed. Coss, Id. In contrast, the Applicant's claimed embodiments 
provide for new rules based on the secondary data received. Coss never contemplates receiving 
secondary data "that requires reconfiguration of the control means," or auxiliary data "that 
requests the management module reconfigure the control means," as explicitly stated in claims 1 
and 9. 

The Applicant therefore submits that claims 1 and 9 are not anticipated by Coss, and 
respectfiiUy requests that the rejection under 35 U.S.C. § 102(b) be withdrawn. 

Claims 2-8 and 10-14 

The Applicant further submits that claims 2-8 and 10-14 are allowable at least based on 
their dependencies to claims 1 and 9, respectively. 
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Claims 15, 17 and 18 

Claims 15, 17 and 18 are being amended to further describe "wherein said at least one 
primary metarule is specified according to a string of characters containing a place-holder for 
each parameter of said primary metarule that is not statically defined, wherein the place-holder is 
relevant to the rule ." The Apphcant submits that Coss fails to teach each and every element of 
claims 15, 17 and 18, as Coss only teaches the use of a "wild card" place-holder that represents 
"when a category provided for in the rule table is irrelevant in a certain rule." Coss, col. 4, 
lines 15-21. In contrast, the place-holder "$1" described in the Specification at p. 15, line 34 - p. 
16, line 2, clearly represents the source or destination in the embodied rule prototypes, and the 
place-holder has definite relevance, as it corresponds to the ISP address of the e-mail server on 
the LAN. 

The Applicant thus submits that Coss fails to teach each and every element of claims 15, 
17 and 18, and respectfully requests that the rejection under 35 U.S.C. § 102(b) be withdrawn. 
Claim 16 

The Applicant additionally submits that claim 16 is allowable at least based on its 
dependency to claim 15. 

Conclusion 

In view of the above, reconsideration and allowance of this application are now believed 
to be in order, and such actions are hereby solicited. If any points remain in issue which the 
Examiner feels may be best resolved through a personal or telephone interview, the Examiner is 
kindly requested to contact the undersigned at the telephone number listed below. 
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The USPTO is directed and authorized to charge all required fees, except for the Issue 
Fee and the Publication Fee, to Deposit Account No. 19-4880. Please also credit any 
overpayments to said Deposit Account. 

RespectfiiUy submitted, 

/Scott H. Davison/ 

SUGHRUE MION, PLLC Scott H. Davison 

Telephone: (202) 293-7060 Registration No. 52,800 

Facsimile: (202) 293-7860 

WASHINGTON OFFICE 

23373 

Date: June 8, 2009 
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